- 参考网站
官方安装文档:
http://www.linuxfromscratch.org/blfs/view/svn/postlfs/openssh.html
网上相关安装文档:
http://www.cnblogs.com/biaopei/p/9267262.html
openssl官方网站
zlib官方网站
openssh官方网站
- 版本查看
open ssh当前版本(最新7.9)
openssl版本(最新1.1.1)
zilib版本(最新1.2.11)
- openssh_7.9版本要求
- 目前不支持OpenSSL 1.1.x.(条件满足,无需升级)
- Zlib 1.1.4或1.2.1.2或更高版本(早期1.2.x版本有问题)(条件满足,无需升级)
- 安装telnet服务(防止ssh安装失败连接不上服务器)
yum install -y telnet-server
yum install -y xinetd
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd
#默认情况下,系统是不允许root用户telnet远程登录的。如果要使用root用户直接登录,需设置如下内容:
echo 'pts/0' >>/etc/securetty
echo 'pts/1' >>/etc/securetty
- openssh安装可能出现问题问题
1.configure: error: no acceptable C compiler found in $PATH 问题解决
yum install gcc
2.configure: error: * zlib.h missing - please install first or check config.log *
使用 yum install openssl openssl-devel -y 安装相关依赖包
3.Permission denied (publickey,keyboard-interactive)
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
- 具体安装过程
1.卸载旧的openssh
cp -r /etc/ssh /etc/ssh.old #开始准备安装openssh
rpm -qa|grep openssh
rpm -e --nodeps openssh-clients-6.6.1p1-31.el7.x86_64
rpm -e --nodeps openssh-6.6.1p1-31.el7.x86_64
rpm -e --nodeps openssh-server-6.6.1p1-31.el7.x86_64
rpm -qa|grep openssh
2.安装
install -v -m700 -d /var/lib/sshd &&
chown -v root:sys /var/lib/sshd &&
groupadd -g 50 sshd &&
useradd -c 'sshd PrivSep' \
-d /var/lib/sshd \
-g sshd \
-s /bin/false \
-u 50 sshd
tar -zxvf openssh-7.9p1.tar.gz
cd openssh-7.9p1
./configure --prefix=/usr \
--sysconfdir=/etc/ssh \
--with-md5-passwords \
--with-privsep-path=/var/lib/sshd &&
make
make install #执行好可能会提示WARNING: UNPROTECTED PRIVATE KEY FILE!原因是下面几个文件的权限问题
ll /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_ecdsa_key
chmod 600 /etc/ssh/ssh_host_ed25519_key
make install
ssh –V
install -v -m755 contrib/ssh-copy-id /usr/bin
install -v -m644 contrib/ssh-copy-id.1 /usr/share/man/man1
install -v -m755 -d /usr/share/doc/openssh-7.9p1
install -v -m644 INSTALL LICENCE OVERVIEW README* #可能会有警告,不过问题不大
install -v -m644 INSTALL LICENCE OVERVIEW README* /usr/share/doc/openssh-7.9p1
#root用户访问处理
ssh -V
echo 'X11Forwarding yes' >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
3.系统服务相关处理
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
chkconfig --list sshd
systemctl restart sshd
ssh -V
4.检查防火墙是否关闭或者22端口是否开放
systemctl disable firewalld.service
systemctl stop firewalld
5.关闭selinx
vi /etc/selinux/config
把SELINUX=enforcing 改成 SELINUX=disabled
重启电脑就可以了